Dshell

A network forensic analysis framework.

An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures.

Key features:
- Deep packet analysis using specialized plugins
- Robust stream reassembly
- IPv4 and IPv6 support
- Multiple user-selectable output formats and the ability to create custom output handlers
- Chainable plugins
- Parallel processing option to divide the handling of a data source across separate Python processes
- Support for external plugin packs, so that externally developed plugins can be shared and installed without overlapping the core Dshell plugin directories